Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Attacks on the open-source value chain (OS supply chain) are becoming more sophisticated, and we, as software developers, are becoming the focus of these attacks. So what are the essential first steps, and what should you focus on? This raises the question of suitable methods and tools. At the same time, the company's strategic orientation must be considered in this security strategy. In the recent past, we have also learned that attacks are increasingly targeting individual infrastructure elements of software development, such as the classic CI/CD pipeline.

Developer-focused security from code to cloud, and back to code. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

Attacks on the open-source value chain (OS supply chain) are becoming more sophisticated, and we, as software developers, are becoming the focus of these attacks. So what are the essential first steps, and what should you focus on? This raises the question of suitable methods and tools. At the same time, the company's strategic orientation must be considered in this security strategy. In the recent past, we have also learned that attacks are increasingly targeting individual infrastructure elements of software development, such as the classic CI/CD pipeline.

In this demo we'll see the Falcon Platform identify systems vulnerable to Follina in your organization, prevent an attack of this vulnerability and show threat hunting capabilities to identify any systems that may have been targeted.

Want to know how Teleport’s Access Plane technology replaces VPNs, shared credentials, and legacy privileged access management technologies, improving security and engineering productivity? Learn more about Teleport’s Certificate Authority and Access Plane for your infrastructure so you can: ➢ Set up single sign-on and have one place to access your SSH servers, Kubernetes, databases, Windows desktops, and web apps.➢ Use your favorite programming language to define access policies to your infrastructure.➢ Share and record interactive sessions across all environments.

Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk broke down the Follina/MSDT zero day vulnerability (CVE-2022-30190), rounded up the latest ransomware activity, and discussed supply chain risk related to Python and PHP libraries. Mick and Ryan competed in a 60 second charity challenge to explain LOLBins before taking a deep dive into the 2022 Verizon Data Breach Investigations Report.

Let 1Password developer and Linux Technical Lead, Savanni D’Gerinel, introduce you to Nix and NixOS. Nix is a fully functional programming language and package manager. All the ideas between the Nix language and Nix packages create a complete operating system, NixOS.

The AWS RDS service itself falls on the AWS side of the Shared Responsibility model, but the day-to-day management of the RDS security instances falls on your side. When it comes to shared responsibility, your obligation depends on the AWS services that you deploy, and also other factors including (but not limited to) the sensitivity of your data, your company’s requirements, and applicable laws and regulations.

Falcon for Mobile expands EDR capabilities beyond the desktop by monitoring and recording activities taking place on mobile devices. By expanding coverage to include mobile, companies gain visibility necessary to detect attackers from other vectors and prevent malicious insider activity, all while stopping breaches. In this video, we'll show how Falcon for Mobile can protect mobile users.